private void btnSubmit_ServerClick(object sender, System.EventArgs e) { string _userName = string.Empty; string _password = string.Empty; _userName = txtUserName.Value; _password = txtUserPass.Value; DAL _dal = new DAL(); if (_dal.ValidateAdminUser(_userName, _password)) { //Create a session for this logged-in user. _userState.UserID = "9999"; _userState.UserName = _userName; _userState.IsActive = true; _userState.IsAdmin = true; _siteUser.UserState = _userState; FormsAuthenticationTicket tkt; string cookiestr; HttpCookie ck; tkt = new FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now, DateTime.Now.AddMinutes(30), chkPersistCookie.Checked, "your custom data"); cookiestr = FormsAuthentication.Encrypt(tkt); ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr); if (chkPersistCookie.Checked) ck.Expires = tkt.Expiration; ck.Path = FormsAuthentication.FormsCookiePath; Response.Cookies.Add(ck); string strRedirect; strRedirect = Request["ReturnUrl"]; if (strRedirect == null) { strRedirect = "~/Default.aspx"; } else { Response.Redirect(strRedirect, chkPersistCookie.Checked); } } else Response.Redirect("logon.aspx", true); }